Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iQHNWkisq1SV2lcZ8mo5kRDIG58.roa
File: iQHNWkisq1SV2lcZ8mo5kRDIG58.roa (raw, json)
Hash identifier: NCPhg2rre3e8WLRdyyccAtFWY9klJ3ZD5/vGVdi6JfU=
Subject key identifier: 89:01:CD:5A:48:AC:AB:54:95:DA:57:19:F2:6A:39:91:10:C8:1B:9F
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0190B657529F16CB18691A1AC802520E2FDD
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iQHNWkisq1SV2lcZ8mo5kRDIG58.roa
Signing time: Mon 15 Jul 2024 12:21:34 +0000
ROA not before: Mon 15 Jul 2024 12:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.134.0/24 maxlen: 24
159.148.136.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.184.0/24 maxlen: 24
159.148.224.0/24 maxlen: 24
159.148.225.0/24 maxlen: 24
159.148.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b6:57:52:9f:16:cb:18:69:1a:1a:c8:02:52:0e:2f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jul 15 12:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8901cd5a48acab5495da5719f26a399110c81b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:01:a4:3e:c0:e5:b0:aa:3f:e3:06:06:a3:4a:
15:29:e4:73:c7:c9:a3:a7:7e:25:ed:b1:f2:a7:4e:
5b:55:4c:ae:35:1a:b1:8f:ed:37:2a:89:13:fa:f1:
70:53:c6:f8:4e:5f:78:ef:10:08:72:38:a0:03:d2:
27:62:c3:6b:fc:22:b5:ed:a8:a3:18:56:9f:1a:40:
23:73:aa:7d:01:00:dc:5d:54:4f:fa:4d:fa:5a:13:
0f:3a:56:13:22:8a:d4:8a:1b:01:e9:c8:a4:c5:73:
97:4d:8f:54:9b:17:e6:ee:b7:26:63:78:dd:f9:a4:
82:2f:d8:69:c5:39:8f:e2:ce:43:6a:5c:86:55:7c:
11:e2:40:03:15:0e:e2:34:b3:fe:bf:89:40:a4:e3:
ee:35:57:95:f8:ba:73:8e:b0:b4:f5:2a:54:97:e8:
47:8a:d9:0e:c3:af:74:c9:67:50:90:8d:8f:0e:12:
8f:86:85:1a:64:8d:b1:a4:ee:2b:75:b2:97:32:cd:
de:8b:55:39:9b:6d:f4:2a:f9:bb:0e:06:db:ff:a0:
f1:a2:a3:db:42:66:74:ed:1d:aa:c8:32:68:7a:fc:
d6:3c:3b:54:88:a5:7d:4d:de:6b:8f:1e:18:e6:71:
8b:53:7c:99:5c:cd:86:0b:d0:a9:54:85:b6:bb:09:
c6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:01:CD:5A:48:AC:AB:54:95:DA:57:19:F2:6A:39:91:10:C8:1B:9F
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iQHNWkisq1SV2lcZ8mo5kRDIG58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.134.0/24
159.148.136.0/23
159.148.140.0/24
159.148.184.0/24
159.148.224.0-159.148.226.255
Signature Algorithm: sha256WithRSAEncryption
3d:17:b3:00:8c:17:ab:af:e9:58:22:fd:81:98:8c:f7:83:fe:
f4:f8:7e:ab:56:5a:e7:fa:12:51:88:00:1d:92:69:20:c8:6d:
a1:6b:65:04:dc:ba:c1:36:2f:43:76:3b:20:37:ea:1c:0c:c1:
01:a8:30:da:cc:fa:cb:53:79:35:29:8f:95:4d:91:a5:06:73:
fb:59:db:75:58:44:2d:78:22:e6:81:97:56:41:1b:36:f8:33:
85:66:ac:1a:81:59:7a:2c:fa:e0:05:b3:2c:59:1e:7d:16:f0:
b2:c0:b4:c7:02:44:5a:c0:fd:ed:6b:b6:fc:b4:81:c9:c4:c4:
e9:7b:21:3c:ab:62:1c:64:34:45:71:c8:89:76:a2:8c:6f:8e:
8c:9a:cd:51:ce:6b:f2:b5:4e:be:18:7e:7b:0b:98:46:59:db:
4e:88:32:c8:de:c0:af:c0:4c:f6:76:dc:b4:37:3e:4f:e0:a7:
47:f1:cc:b3:2c:82:5a:db:a3:83:0a:48:66:95:2d:6f:73:35:
d8:75:b8:e8:9e:6a:47:ef:7a:91:82:ea:19:9d:ac:62:f3:6c:
fd:63:de:3e:60:c8:53:56:32:7b:89:e4:84:21:40:b2:c2:ff:
1b:1b:00:72:f9:45:43:b5:c6:56:bc:b2:c3:ba:88:a3:c4:b6:
61:48:d0:15
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZC2V1KfFssYaRoayAJSDi/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNzE1MTIyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTAxY2Q1YTQ4YWNhYjU0OTVkYTU3MTlmMjZhMzk5MTEwYzgxYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQGkPsDlsKo/4wYGo0oVKeRzx8mj
p34l7bHyp05bVUyuNRqxj+03KokT+vFwU8b4Tl947xAIcjigA9InYsNr/CK17aij
GFafGkAjc6p9AQDcXVRP+k36WhMPOlYTIorUihsB6cikxXOXTY9Umxfm7rcmY3jd
+aSCL9hpxTmP4s5DalyGVXwR4kADFQ7iNLP+v4lApOPuNVeV+LpzjrC09SpUl+hH
itkOw690yWdQkI2PDhKPhoUaZI2xpO4rdbKXMs3ei1U5m230Kvm7Dgbb/6DxoqPb
QmZ07R2qyDJoevzWPDtUiKV9Td5rjx4Y5nGLU3yZXM2GC9CpVIW2uwnGIQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIkBzVpIrKtUldpXGfJqOZEQyBufMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaVFITldraXNxMVNWMmxjWjhtbzVrUkRJRzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAn5SGAwQB
n5SIAwQAn5SMAwQAn5S4MAwDBAWflOADBACflOIwDQYJKoZIhvcNAQELBQADggEB
AD0XswCMF6uv6Vgi/YGYjPeD/vT4fqtWWuf6ElGIAB2SaSDIbaFrZQTcusE2L0N2
OyA36hwMwQGoMNrM+stTeTUpj5VNkaUGc/tZ23VYRC14IuaBl1ZBGzb4M4VmrBqB
WXos+uAFsyxZHn0W8LLAtMcCRFrA/e1rtvy0gcnExOl7ITyrYhxkNEVxyIl2ooxv
joyazVHOa/K1Tr4YfnsLmEZZ206IMsjewK/ATPZ23LQ3Pk/gp0fxzLMsglrbo4MK
SGaVLW9zNdh1uOieakfvepGC6hmdrGLzbP1j3j5gyFNWMnuJ5IQhQLLC/xsbAHL5
RUO1xla8ssO6iKPEtmFI0BU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:45 2025 by rpki-client